Mehdi Bugnard
Reputation: 3979
Call web api with basic authentication always get 401 unauthorized from IIS
Tonight i come search some help about how to call a web api hosted in IIS.
Everything work well in local from visual studio to iis express. But strangely, after publish on my IIS server. I always get 401 unauthorized :'(
Here is the code i use and the settings from my IIS server. I will be very grateful if somebody can help me. Thank you
**
The controller and the function i try to call (with basic authentication attribute)
**
[HttpGet]
[ActionName("Get_UserID")]
[IdentityBasicAuthentication]
[Authorize]
public HttpResponseMessage Get_UserID(string userName)
{
HttpResponseMessage res = new HttpResponseMessage(HttpStatusCode.Created);
try
{
var user = Membership.GetUser(userName, false);
if (user != null)
{
res = Request.CreateResponse(HttpStatusCode.OK, (Guid)user.ProviderUserKey);
}
else
{
res = Request.CreateResponse(HttpStatusCode.ExpectationFailed);
res.Content = new StringContent("Error");
res.ReasonPhrase = "UserName not find in the database";
}
}
catch (Exception exc)
{
//Set the response message as an exception
res = Request.CreateResponse(HttpStatusCode.InternalServerError);
res.Content = new StringContent("Exception");
res.ReasonPhrase = exc.Message;
}
return res;
}
**
Client side - How i call the web api and build my httpClient
**
public static async Task<HttpResponseMessage> RequestStart(string requestUrl, string webApiUrlBase = Globals.WebApi_Url, bool IsAuthenticateMemberRequest = false)
{
if (webApiUrlBase == null)
{
webApiUrlBase = Globals.WebApi_Url;
}
var response = new HttpResponseMessage(HttpStatusCode.Created);
using (var client = new HttpClient())
{
if (IsAuthenticateMemberRequest)
{
string strToEncode = ApplicationData.Current.LocalSettings.Values["userName"].ToString() + ":" + ApplicationData.Current.LocalSettings.Values["password"].ToString();
var authenticationBytes = Encoding.ASCII.GetBytes(strToEncode);
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic",
Convert.ToBase64String(authenticationBytes));
}
client.BaseAddress = new Uri(Globals.WebApi_Url);
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
response = await client.GetAsync(requestUrl);
}
return response;
}
**
IIS Configuration (appPool => NetworkServices - integrate)
**
**
Fiddler Debug
**
Upvotes: 6
Views: 16810
Answers (1)
Mehdi Bugnard
Reputation: 3979
Finally after search many times , many houres by myself. I find the solution. We should never enable Basic Authentication.... I know it's weird ^^ But if you want to use your custom basic authentication. Just disabled the Basic Authentication on IIS and everything goes well.
Upvotes: 11
Related Questions
- Calling WEB API with basic authentication in C#
- ASP.NET Core Web API - How to authorize my Web API Request with Basic Auth
- 401 Unauthorized error web api mvc windows authentication
- ASP.NET WebAPI Basic Authentication always fails as 401/Unauthorized
- Authorization doesn't work with Windows Authentication in IIS
- unable to authenticate using basic authentication
- Web API 2 returns 401 when hosted on IIS and return 200 when set authentication to anonymous
- ASP.NET WebApi FormsAuthentication 401 (Unauthorized) issue
- .net web executable to .net web api 401 error using BASIC authentication
- Get 401 Unauthorized when call web api even if I enable Anonymous Authentication